b85c50a640f09034a077ae352e42c34f93ac1945fda2840dda678754fb089f6e

General

Target

b85c50a640f09034a077ae352e42c34f93ac1945fda2840dda678754fb089f6e
Size

362KB
MD5

67f7ff6844df204f66b53b9d400f2070
SHA1

5259bff6f2fd78df7553ae78905e580e1c19fb89
SHA256

b85c50a640f09034a077ae352e42c34f93ac1945fda2840dda678754fb089f6e
SHA512

a97ecaed7b07416b357fc66101fd14b3419144e82c40cc70fe766b644bdf985dc5d12536c088caf4d86c68ece21227f2da51d404b00d682c9361e2499a2d4414
SSDEEP

6144:BH+Dj7zFg7xdDlw3aRxs1YDJJIg+2LWRJ9lRRTfmzcCKJ3Wc9YZ:cv7zFg7x9saI14JJt+2iRJtBezcCUW

Score

N/A

Malware Config

Signatures

Files

b85c50a640f09034a077ae352e42c34f93ac1945fda2840dda678754fb089f6e
.exe windows x86

653c491993533c5d98dd3817977c7cbb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegisterServiceCtrlHandlerA
StartServiceA
CloseServiceHandle
OpenSCManagerA
ControlService
QueryServiceStatus
SetServiceStatus
OpenServiceA

kernel32

CreateEventA
InterlockedIncrement
BindIoCompletionCallback
LeaveCriticalSection
lstrlenW
GetOverlappedResult
GlobalAlloc
Sleep
ResetEvent
InterlockedDecrement
GetCurrentProcess
GetConsoleOutputCP
Beep
DeviceIoControl
GetConsoleCP
SetLastError
PostQueuedCompletionStatus
SleepEx
GlobalFree
WaitForSingleObject
lstrcpyW
DeleteCriticalSection
GetQueuedCompletionStatus

rtutils

TracePutsExA
TraceDumpExA
TraceDeregisterExA
TracePrintfA
TraceRegisterExA
TraceDeregisterA
TracePrintfExA

ntdll

RtlNtStatusToDosError
NtWaitForSingleObject
RtlAllocateHeap
RtlFreeHeap
RtlQueueWorkItem
NtClose
RtlUnwind
NtOpenFile
NtCreateFile
NtImpersonateThread
RtlInitUnicodeString
wcsstr
NtAllocateVirtualMemory

ws2_32

WSARecvFrom

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 315KB - Virtual size: 752KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

653c491993533c5d98dd3817977c7cbb

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

rtutils

ntdll

ws2_32

Sections

.text Size: 6KB - Virtual size: 5KB

.rsrc Size: 22KB - Virtual size: 22KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 315KB - Virtual size: 752KB

.text
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 22KB - Virtual size: 22KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 315KB - Virtual size: 752KB